Jump to content

CodeCrypter - Encrypt your Script


RTFC
 Share

Recommended Posts

46 minutes ago, RTFC said:

In Codecrypter's Structure Tab, did you tick "Enable Phrasing"?

Yes. It is - and it was per default enabled.

 

46 minutes ago, RTFC said:

In your helloworld CS_DATA subdir, does the last line of phrases.txt look something like this:

{funcA307}( 0 ,{string1},{string2})

 

Yes. Here the last few lines of phrases.txt:

[...]
{funcU12}({var13})
{funcA137}({string8})
{macro39}
{var9}={string9} 
{var9}<= 0 Or {var9}>{funcA457}({var6})- 1 
{funcA394}({var9})
{var6}[{var9}]={string10} And {var10}= True 
{funcA279}({string11},{string12},{string13},{string14}, 250 , 140 )
{funcA307}( 0 ,{string1},{string2})

 

46 minutes ago, RTFC said:

And does the tail end of your phrasesNew.txt contain MCFCC decryption calls?

Yes. Here the last 25 lines of phrasesNew.txt:

[...]
Number($number)
Number($number)
_AES_Startup()
BinaryToString(_AesDecrypt($CCkey[$index],$hexstring))
Execute(_MCFCC("0xD1A33108EAE7FD06E145E96D262EE4D6382B1967988EF6E97292EFD8945F8D5071D38AB35ACB5AD5F573B695A1E36035"))
Execute(_MCFCC("0xB82B7DA3395267D19AAB7DC51C61174BE01F9FCE53555CD90898B3A99233EEF2"))
Execute(_MCFCC("0x627F189A68A6264D195B03A1330541EA747E5DF5A049F8B693704BB70EF290B1D0C92D50425C9D4F0DCC71C7D9C50B46"))
Execute(_MCFCC("0x758073303EC328D6625C901F1662DA64475843E1AA01CFC9C31889761D076EC0437C4A0D3B7659AA0614AC8678501D6B"))
Execute(_MCFCC("0x7408334560F48B4D20CAB13919FF566586EAD34B474128A1429E395A3D43F3C7CD69B593FA744DC458FC7EDBEF78EC89"))
Execute(_MCFCC("0xF2549E234652C943068A5D5419833B35EEA9EFE3992AF5380F88DFE5D9F357D08337FC2B0C58721BA1EACE463F529683975C152E248E512C47A07010D8955E44"))
Execute(_MCFCC("0x059DF57B2FF6C4173630987575B86AA2069DFA6F06C93E61C8F2A8DB6B435B371FDCA6E88CD2D381E1C190544A0EE6048607A2869DA960113EB7480129E42A33"))
Execute(_MCFCC("0x4C1CD1D06406215974E3E6B107086F7D7CF13FA2D74C12AD11E9A71B10973D01E5DAD83F1E2E78021C4D0D1B19B17437"))
Execute(_MCFCC("0x901F3DA39B42A8F9CCF0CA88307040EDFD1B9BAF1EAA721EA015D08F056EDC9A04AD45A3E7815E4A5925829E473AA5DE"))
Execute(_MCFCC("0x8AF236B595AE8B0436ED56ACC0AED32D5020D7E8E1A477CE47AB4CA8F97122F213396759BDDA33949C13B12832180BDB"))
Execute(_MCFCC("0x49D5F4928B683441DFDEA19E935369ED6CF66459620A97B95690FF15E435AEFD533C88F1D41C8F387307EC4399B3FA8D"))
Execute(_MCFCC("0x234E638ECCFCA1834ACB25ED94D4D6874B97518A9CE0F956534F1A2B78AA3832"))
Execute(_MCFCC("0xC4FA54642BC40D16060BD92B3A6964229F3D0821CEA20C079738BC75835DF930038898F0FAC8F5311C0B5B47B0DFE4AE15D8471C904FBCA0ECC35CEFB3EA9AB0"))
Execute(_MCFCC("0x8B23D90F87648ACA3F5DC801D96E6466BE62A2C0A879590DE7E0B4BB72B3DDA8E06861AF890F7223889BBFADD19BAF2E9389E57B31B1F8B38D221C0CC534AE2E"))
Execute(_MCFCC("0x94837CB8A2496A3A02F62DCF2949471FB8B04A89A7191E570C0B011FB0262C7CC15DF37D0A8261BFF72D78E087FB1632"))
Execute(_MCFCC("0xAC37CC1C0B907BAD16B9E4A9FB75E927274119C133346123FEF12657DB64C3253D4BEC6986909314E2DDC41A643AE7BA"))
Execute(_MCFCC("0xAD702334D7F65902E2E44FAC1E856924399177530B5598A13D90338FC02B5186"))
Execute(_MCFCC("0x2CF45191AA336BA1F97FBC21B7B8AF97698C1E5C6240118EBEDF3FF0D5E84E6E0E41791EE3E3EC1B697354EFA003EB00C265349FB1F148839E23A47396E78D62"))
Execute(_MCFCC("0x0988DE318B06E55719251A4DDA21ACB3347A6A478F5302E3C3E4D1EDF6F59298"))
Execute(_MCFCC("0x205B03401C14D68AC4EC4EFE1FA0B19B14A1000DB8D7F8E802C099A1D53211664FA1167D91ADEC8A3446812A191614A82A9C356AFC79FE7EBD98273CB45CEE04"))
Execute(_MCFCC("0x8F724930EAE5C8D0C47A0645C4327CBC473ADB6C0C7208A2EFB1E447D7C7AD6AFC5519043397E7D8324ABD27406B5A49F51DD106AD4C6AF1F7561FFD1B2D3D7E71EC0BBC13FB333E90ED42FCC05C4B26BD499D4F7D713A8AF62B06B3DAEAADB8808D9C2ECEEF7B3401451838D3C48B3F"))
Execute(_MCFCC("0x5AD89524ED24E5542B5CEB0A364A31963F019EC0C1298803119C3DB72D0580221BCD1A0124333AA2297A60E0CA369673090A7E6A59C336D715E13AD3C48478D7",3))

 

Thanks and regards

Edited by roman
Link to comment
Share on other sites

Curiouser and curiouser.:think: What AutoIt version are you running (shouldn't make a difference though)?

My problem is that I cannot reproduce this error at all at my end. Maybe you could zip your helloworld test environment (incl codescanner/crypter, MCFinclude, MCF) for me to download from Google Drive or Dropbox or a similar site? You can send me the download link in a PM, if you want. I don't think I'll be able to fix it unless I can see it fail on my own machines.

Link to comment
Share on other sites

Ok.

A question: After I downloaded your "CodeScannerCrypter.bundle.v2.3", I copied all files from this archive into my C:\Program Files (x86)\AutoIt3\Include directory. I assume that's the right way to save and place this files, isn't it?

I could zip my whole C:\Program Files (x86)\AutoIt3 directory - and you could extract it to the same place on your machine.
I will provide you my Test.au3 script and the generetad directory and files from codescanner/codecrypter as well; I worked with them within C:\Temp.
More is not necessary, right?

BTW: I use AutoIt 3.3.14.5

Edited by roman
Link to comment
Share on other sites

Actually, it would be better if you could create the smallest possible work environment that reproduces the error, without your regular AutoIt includes. So maybe just create a temp subdir that contains the bundle contents, your helloworld.au3, plus the CS_DATA subdir below it (by running codescanner+crypter locally there).

Link to comment
Share on other sites

Found the issue, which was indeed a bug. Please stand by for an updated bundle...

CodeScannerCrypter bundle version 2.4 is now released, with many thanks to @Roman for flagging the bug.

Edited by RTFC
Link to comment
Share on other sites

  • 2 months later...

Hello "RTFC"

I have another issue while encrypting a small part of my scipt. The scan and encryption process goes well and flawless, until I open and try to start the (partially encrypted) file "MCFOtest.au3". Then, I get an error message in the scite output pane, line 10 - 12:

>"C:\Program Files (x86)\AutoIt3\SciTE\..\AutoIt3.exe" "C:\Program Files (x86)\AutoIt3\SciTE\AutoIt3Wrapper\AutoIt3Wrapper.au3" /run /prod /ErrorStdOut /in "C:\Temp\AutoCert\MCF0test.au3" /UserParams phg50116.essd.ch   
+>13:01:05 Starting AutoIt3Wrapper v.19.102.1901.0 SciTE v.4.1.2.0   Keyboard:00000807  OS:WIN_10/  CPU:X64 OS:X64  Environment(Language:0409)  CodePage:0  utf8.auto.check:4
+>         SciTEDir => C:\Program Files (x86)\AutoIt3\SciTE   UserDir => C:\Program Files (x86)\AutoIt3\SciTE\AutoIt3Wrapper
>Running AU3Check (3.3.14.5)  from:C:\Program Files (x86)\AutoIt3  input:C:\Temp\AutoCert\MCF0test.au3
+>13:01:05 AU3Check ended.rc:0
>Running:(3.3.14.5):C:\Program Files (x86)\AutoIt3\autoit3.exe "C:\Temp\AutoCert\MCF0test.au3" phg50116.essd.ch   
+>Setting Hotkeys...--> Press Ctrl+Alt+Break to Restart or Ctrl+Break to Stop
"C:\Temp\AutoCert\MCF0test.au3" (1058) : ==> Variable used without being declared.:
Return BinaryToString(_AesDecrypt($CCkey[$index],$hexstring))
Return BinaryToString(_AesDecrypt(^ ERROR
->13:01:09 AutoIt3.exe ended.rc:1
+>13:01:09 AutoIt3Wrapper Finished.
>Exit code: 1    Time: 4.522

...
"C:\Temp\AutoCert\MCF0test.au3" (1058) : ==> Variable used without being declared.:
Return BinaryToString(_AesDecrypt($CCkey[$index],$hexstring))
Return BinaryToString(_AesDecrypt(^ ERROR
...

The instruction #include <MCFinclude.au3>

...
#include <MCFinclude.au3>
Func FNC_Data()
    Return "xxxxxxxxxxxxxxx"
EndFunc

is set at the end of my script, above the last 3 lines of code, which only return a password.

 

I'm reading your FAQ.pdf, last section "My new script does not work. How can I identify the cause?", but I even don't know which file is the "BackTranslation" and therefor how to check this?

How can should I proceed to find the cause of this error?

Regards
Roman

Edited by Roman
Link to comment
Share on other sites

Put the include on top.

This wonderful site allows debugging and testing regular expressions (many flavors available). An absolute must have in your bookmarks.
Another excellent RegExp tutorial. Don't forget downloading your copy of up-to-date pcretest.exe and pcregrep.exe here
RegExp tutorial: enough to get started
PCRE v8.33 regexp documentation latest available release and currently implemented in AutoIt beta.

SQLitespeed is another feature-rich premier SQLite manager (includes import/export). Well worth a try.
SQLite Expert (freeware Personal Edition or payware Pro version) is a very useful SQLite database manager.
An excellent eBook covering almost every aspect of SQLite3: a must-read for anyone doing serious work.
SQL tutorial (covers "generic" SQL, but most of it applies to SQLite as well)
A work-in-progress SQLite3 tutorial. Don't miss other LxyzTHW pages!
SQLite official website with full documentation (may be newer than the SQLite library that comes standard with AutoIt)

Link to comment
Share on other sites

17 hours ago, jchd said:

Put the include on top.

Absolutely right.

If you want only a single function to be encrypted, untick all others in the list of encryptable UDFs after pressing the UDF button under the Encrypt Tab in CodeCrypter. But the encryption infrastructure itself (that is, the #include MCFinclude.au3 directive) should be placed at the top of your script, below your other #includes (which are public anyway, and encrypting those would just needlessly slow down your app), but above the start of your own code. Anything that calls encrypted code needs to follow the code in MCFinclude.au3, even if it itself is not encrypted. Hope that clarifies matters.:)

Regarding Backtranslation, you get a Backtranslated version of your input script (called MCF0test.au3) if you tick BackTranslate under the Main Tab instead of Encrypt. This is for testing that the MCF tag substitution process (forward and backward) is performed correctly. So your testing sequence should be:

  1. run CodeScanner, check report, fix any errors until CodeScanner returns a clean bill of health
  2. run CodeCrypter with Create MCF0 and Backtranslate ticked under Main Tab to generate a Backtranslated MCF0test.au3
  3. run MCF0test.au3 in Scite to check that it performs exactly as your input script, change CodeCrypter settings and retry if not
  4. once Backtranslated version is okay, tick Encrypt in CodeCrypter with desired encyption settings (under Tab Encrypt), and run Codecrypter to generate an encrypted MCF0test.au3
  5. run encrypted MCF0test.au3 in Scite to check that it performs exactly as your input script (some slowdown is normal due to  the extra decryption work done)
  6. once the encrypted version runs okay, compile, and test that the executable performs the same as the interpreted version.
Edited by RTFC
added Backtranslation info
Link to comment
Share on other sites

I've set the #include directive at the very top, below the other #include(s). But nevertheless there goes something heavily wrong:

  1. run CodeScanner, check report, fix any errors until CodeScanner returns a clean bill of health
    Done. Works with no issues.
     
  2. run CodeCrypter with Create MCF0 and Backtranslate ticked under Main Tab to generate a Backtranslated MCF0test.au3
    Done. (In this step, I have all encryption options deactivated/unticked.)
     
  3. run MCF0test.au3 in Scite to check that it performs exactly as your input script, change CodeCrypter settings and retry if not
    Done. MCF0test.au3 works flawless.
     
  4. once Backtranslated version is okay, tick Encrypt in CodeCrypter with desired encyption settings (under Tab Encrypt), and run Codecrypter to generate an encrypted MCF0test.au3
    Done. (In this step, I've let "Create MCF0" and "Backtranslate" ticked and I have the two encryption options "Phrases" and "Strings" activated/ticked too. Additionally, in "Subset Only" -> button "UDFs",  I have activated/ticked only my small 3-line function, all other functions and "Main Script" are deactivated/unticked.)

    Result: I get a new MCF0test.au3, but it is identical with that one written in Step 2 (except for a comment line with more recent date/time), my small function is not encrypted.

    What did I wrong?
     
  5. run encrypted MCF0test.au3 in Scite to check that it performs exactly as your input script (some slowdown is normal due to  the extra decryption work done)
  6. once the encrypted version runs okay, compile, and test that the executable performs the same as the interpreted version
Edited by Roman
Link to comment
Share on other sites

  • 2 months later...

Hi RTFC,

I was  going to have some variables used in functions above _MCFCC_Init which are naturally declared above where i intend to place the #include "MCFinclude.au3" line in my script
 And just noticed that MCFinclude.au3 gets included in MCF.au3 which will interrupt the read flow of the script 

Do you have an idea how could something be changed so that MCFinclude.au3 gets included only from where we choose to call it in the script and not from MCF.au3 
I tested with moving functions and vars from the main script to "MCFinclude.au3" but that makes things a bit more difficult to manage

Thanks

Edited by Deye
Link to comment
Share on other sites

Hi Deye. Not sure I follow. I take it you are including MCF.au3 in your script(?), as well as MCFinclude? And then you wish to encrypt the encryptor itself?! That may turn into a circular argument. In any case, MCF requires reference to MCFinclude for the encryption calls and environment set-up to work. So basically, the MCF package allows you to implement either: structure- and content-altering functionality of MCF on its own (e.g., for translation, automated code editing, etc), OR use these for encryption and/or obfuscation purposes using MCFinclude, but not both at the same time. Of course, if you're not relying on encryption functionality, you could edit MCF.au3 to remove the parts that reference content in MCFinclude, i.e., in _PhraseMCF, comment out the first loop scanning for the definition of $section2_lastline, and remove funcs _EncryptEntry and _EncryptArrays (plus the call to the latter in_RebuildScript). That would allow you to remove #include MCFinclude.au3 within MCF.

Edited by RTFC
Link to comment
Share on other sites

  • 1 month later...

Hi RTFC, im getting an error, hope you could guide me.

Spoiler

image.png.e6e2019d5bfbe83999e28e76954da43e.png

All my scripts are in same folder, MCF0test.au3 is working perfect, exactly the original script.

"When Codecrypter completes without errors, a new file MCF0test.au3 will have been created in the same directory as your original script. Make sure it performs exactly as your original version. If so, untick the original checkboxes in CodeCrypter and enable Encrypt instead. You may also wish to set specific Encryption options under the Tab. Finally, press "

The error starts when i try encrypt MCF0test.au3.

A doubt. If i encrypt my script and compile it to .exe, it still will work?

Edited by memerim
Link to comment
Share on other sites

Well, that error seems pretty self-explanatory, don't you think? It looks as if you forgot to include MCFinclude.au3 in your script prior to running CodeScanner (not Crypter). Wtihout that include, encryption is not possible.

Link to comment
Share on other sites

  • 3 weeks later...

Codecrypter version 3.1 is released; a major upgrade, made possible by the incorporation of TheXman's CryptoNG suite (with permission, of course). Many thanks:thumbsup: to TheXman for allowing me to incorporate Bcrypt dll calls (works in 32/64-bit, in Win7 and up), which perform almost as fast as Ward's machine code routines, wherever Bcrypt is available (NB perhaps not on WinXP and earlier OS versions, so if you're maintaining paleoware, stick to Ward's algo). For now, only AES encryption is actively supported, but any coder familiar with CryptoNG will be able to swap that for any other symmetric encryption algorithm by changing one global variable.

I've taken this opportunity to fix a whole ream of minor bugs (why did no-one tell me before that obfuscation messed with WinAPI_UniqueHardwareID calls?!), and re-tested the various encryption options (on helloworld, goodbyeworld, farewellworld, and a few other random scripts). However, since a lot of refactoring has taken place, it is likely that new bugs will now rear their repugnant visage. If you do encounter such a beastie, please also test whether it goes away when you select the alternate encryption engine (Ward's vs TheXman's), and let me know in this thread either way. And if you want me to have a look at your issue, please make the effort to post the smallest-possible reproducer script with your question/bug-report. Thanks.

There's also a new, short and simple HowToGuide (CodeCrypter explained in five easy steps), and some minor edits in the FAQ.

Hope you like it.:sweating:

Edited by RTFC
typos
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

×
×
  • Create New...